Forms Authentication with IIS 7.5 Failing

I'm working with a website that has been moved to a new server. The forms authentication quit working. The new server uses IIS 7.5 and windows server 2008. After messing with the settings I got the website to work under the cookieless setting, but if change it to use cookies it doesn't work. Anybody have any ideas of what I'm missing?

More Related Resource Links

This module explains how forms authentication works in ASP.NET version 2.0. It explains how IIS and ASP.NET authentication work together, and it explains the role and operation of the FormsAuthenticationModule class.

Classic ASP developers often had to "roll their own" authentication scheme, however, in ASP.NET much of the grunt work has been taken out. This article outlines how things have changed and how FormsAuthentication can be used to secure a Web site with a minimal amount of code.

Often, in legacy Web applications, users authenticate themselves via a Web form. This Web form submits the user's credentials to business logic that determines their authorization level. Upon successful authentication, the application then submits a ticket in the form of a cookie, albeit a hard cookie or session variable. This ticket contains anything from just a valid session identification access token to customized personalization values.

.A timeout is specified in minutes. This is "time since last request" not the "time since login". If a login is indicated to be persistent (described later) this is ignored..A protection method is specified for the cookie.Next I wanted to specify a folder to which access is restricted to people who have logged in. To do this I entered the following code in the web.config file (beneath

Hello, I am seeing a strange problem with Forms Authentication in my DD site. A user logs into and can view/edit/delete data all day, but when they execute a Custom Filter against data (for example , a control DynamicData/Filters/CustomerLastNameSearch.ascx ) then the site auth fails, and redirects to the log in screen.

Offhand, I am thinking two things : that DynamicData/Filters path requires some special handling for some reason, or the control extension ascx is causing auth to get confused. Has anyone else experienced this or have any suggestions? Thanks!

Here's an issue I didn't see coming for our forms based authentication users.

We have a web application extended to an external url to handle forms based authentication for users outside of our domain. Our setup looks like this...

Internal Users/Windows Authentication - moss.domain.com

External Users/Forms Based - mossext.domain.com

My Site for Internal Users - mysites.domain.com

When our forms based users are accessing user lists, or discussion pages that display user pictures, they are getting a windows authentication login for our internal users (mysites.domain.com) who have populated their my site with personal photo.

Form template has cascading dropdown lists. When item selected from first list, form code executes a FileQueryConnection to retrieve data from a list to populate 2nd listbox.
Getting 403 forbidden when explicitely attempting to retrieve data from code. Form is using connections from a data connection library.
The template works perfectly when deployed to a windows authenticated site. Fails when executed from the forms authenticated site.

I'm in the middle of converting an intranet application to use forms authentication. The authentication process works fine for the core application and all the nested classic asp pages. However, my nested asp.net applications do not work. I have mapped their web.configs to the correct login url. If I attempt to access them after logging in, I am automatically redirected to the homepage of the intranet application. If I try to access them directly, I am redirected to the login screen, as I should be, and then the intranet homepage after the login process, instead of the page I need to access.

At first, I thought there might be some remnant of the security processes in the nested applications, but it does it for applications that have no security processes other than the one for the core intranet.

Since this is my first crack at using forms authentication, I'm assuming I've missed some step. Any ideas?

I am using Forms Based Authentication
I have extended the Forms Authentication Tables creating a custom table called Profile_Contact that holds the user's GUID, username, email address, and other information.
I have another table called Profile_Account which holds company account information such as Company Name, address info, phone numbers etc. This table has a Key Field called IDProfileAccount.
I include the IDProfileAccount field in the ProfileContact user table so I can associate the user with a specific Company.For the login page, I am using a basic login page created with using the Visual Studio login controls.When the user logs in, they are sent to the appropriate page as identified by the role the user has been given. This all works great.
Now I need to extend the login page so that when the user logs in not only is the user's name and GUID placed in session, I would also like to have the IDProfileAccount record placed in session as well so that I can filter the records the user sees as only those records of the Company the user is associated with.
I know how to add static variable to a session and how to retrieve them to filter data, what I need to know is how to retrieve the data from the SQL table on login and sending it to the session.
I would think it would be something along these lines:Partial Class login
Inherits System.Web.UI.Page
Protected Sub Logi

Hi,
im new to sharepoint 2010. im in a situation whereby i would like to allow users that already have Active directory accounts log into sharepoint. The problem arises when i need to allow external users to log into the sharepoint site too and it will not be
possible to add them into the active directory. Is there a way to resolve this problem? Appreciate all help given! Thanks!
norphos

I've written a small ASP.NET 3.5 application to allow users to update selected account attributes on their own.
Everything works fine when I use Basic Authentication, but because the dialog that is presented is less than ideal, I'd like to use forms authentication to give the users more instruction on how to log in.
My problem is that in order for the user to update their account information, I have to have the application impersonate them for the update actions.
I've scoured the internet trying to find a solution to my issue, but nothing fits or works. I have tried setting the web.config:<identity impersonate="true" />
but that doesn't seem to work.
I also have the C# code using the WindowsImpersonationContext class, but still no luck. protected void titleTextBox_TextChanged(object sender, EventArgs e)
{
TextBox tb = (TextBox)sender;
string fieldTitle = "job title";
string fieldName = "title";
if (userDirectoryEntry == null)
CaptureUserIdentity();
try
{
WindowsImpersonationContext impersonationContext = userWindowsIdentity.Impersonate();
if (String.IsNullOrEmpty(tb.Text))
userDirectoryEntry.Properties[fieldName].Clear();

Hello,
I am changing the type of authentication in SharePoint to Form authentication.I create a document Library and I choose as a Document Model (Microsoft Office Word 2007). The problem is : "I can't create a new Item Document Word". It disappear.
I am using this article (http://blogs.msdn.com/b/sharepoint/archive/2009/05/13/update-on-sharepoint-forms-based-authentication-fba-and-office-client.aspx
) to solve my problem. The problem is I don't find the registry key
HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Common\Internet\FormsBasedAuthSettings

Is there a reasonably standardised solution that allows external users to register on a forms/authenticated site?
The codeplex Forms Based Authentication project (http://www.codeplex.com/fba)
provided this for SP2007 but I have not seen any indication of a SP2010 solution yet.
Andrew Wiles - www.it-workplace.com - MDX made simple

Hi there,I am just getting started with MVC and I was wondering if someone could point me in the right direction for help with forms authentication using active directory? I have the sample site up but the results I have found on google have not been very helpful in answering this question.This site is going to be an intranet page that we want users to be able to access without logging in when they access it from our network while they must login when trying to access it from home.Any suggestions of where to start?

Hey all! When I have my app-deployed on a server and login with forms authentication I see my cookie get's created in C:\Users\<user>\AppData\Roaming\Microsoft\Windows\CookiesAnd it works great and everything!But when I run my application locally with the asp.net development server while debugging from Visual Studio, I NEVER see a cookie file get created in that location. I'm using the same PC and the same version of internet explorer 8 on the production as I am development so I'm not sure what's going on here. Does anyone know where cookies get stored when hitting http://localhost:<devport> ?